AMENDMENTS TO THE CLAIMS 



1. (Currently Amended) A method for establishing a secure communication session among a first node of a network and one or more other nodes using a group shared secret key, each of the nodes having a private key value associated therewith, the method comprising the computer-implemented steps of:
  communicating a first public key value of the first node to a second node;
  creating and storing an initial shared secret key for the first node and second node based on a first private key value and a second public key value that is received from the second node;
  creating and storing information at the first node that associates the first node with a first network communication entity by generating a collective public key value that is shared by the first node and a second node and based on the first private key value and a second private key value that is derived by the first node from the second public key value;
  receiving a third public key value from a third node that seeks to join the first network communication entity;
  creating and storing a second shared secret key value based on the collective public key value and the third public key value; and
  joining the first node to a second network communication entity that includes the first network communication entity and the third node and that uses secure communication with messages that are encrypted using the second shared secret key value;
  wherein the first node, second node, and third node are separate nodes.

2. (Currently Amended) A method as recited in Claim 1, wherein joining the first node to a second network communication entity includes the step of communicating the first private key value to the second node and to the third node using messages encrypted using the second shared secret key value.

3. (Currently Amended) A method as recited in Claim 1, wherein creating and storing a the second shared secret key value further comprises creating and storing the second shared secret key based upon how many times each node of the second network communication entity has participated in formation of any such entity and based upon each private number of each node in the second network communication entity.

4. (Original) A method as recited in Claim 1, further comprising the step of creating and storing a subsequent shared secret key for use by the first network communication entity and the third node to enable the third node to independently compute the group shared secret key.

5. (Original) A method as recited in Claim 4, wherein creating and storing the subsequent shared secret key comprises creating and storing the subsequent shared secret key, k, according to the relation
  $$k = p^{(a*x)(b*y)(c*z)} \bmod (q)$$
  where p = a random number, q = a prime number, a = the first private key value, b = the second private key value, c = a private key value of the third node, x = a number of times the first node has participated in entity formation, y = a number of times the second node has participated in entity formation, and z = a number of times the third node has participated in entity formation.

6. (Original) A method as recited in Claim 5, further comprising the step of storing and distributing the first public value and the second public value using a key distribution center.

7. (Original) A method as recited in Claim 5, wherein the step of joining the first node to a second network communication entity further comprises:
  creating and storing a collective public key based upon the first private key value, the second private key value, and the third private key value;
  communicating a collective public key of the second network communication entity to the third node.

8. (Original) A method as recited in Claim 7, wherein the step of joining the first node to a second network communication entity further comprises determining which one of the nodes of the first network communication entity is designated to transfer the collective public key based upon order of entry into the formed entity.

9. (Original) A method as recited in Claim 7, wherein the step of joining the first node to a second network communication entity further comprises determining which one of the nodes of the first network communication entity is designated to transfer the collective public key based upon a predetermined metric.

10. (Original) A method as recited in Claim 1, wherein creating and storing an initial shared secret key for the first node and second node comprises creating and storing an initial shared public key "AB" according to the relation
  $$AB = k_{ab}^{ab} \bmod (q) = p^{(ab)(ab)} \bmod (q)$$
  wherein k = the initial shared secret key value, a = the first private key value, b = the second private key value, p is a base value, and q is a randomly generated prime number value.

11. (Currently Amended) A method for establishing a secure communication session among a first node of a network and one or more other nodes that are joined in a first network communication entity, using a group shared secret key value, each of the nodes having a private key value associated therewith, the method comprising the computer-implemented steps of:
  communicating a first public key value from a first node that is joining the first network communication entity to each other node that is currently within the first network communication entity;
  receiving a collective public key value that is shared by each other node in the first network communication entity and that is based on private key values associated with each other node in the network communication entity;
  creating and storing the group shared secret key value based on the collective public key value and the private key value associated with the first node; and
  joining the first node to a second network communication entity that includes the first network communication entity and the first node and that uses secure communication with messages that are encrypted using the group shared secret key value.

12. (Currently Amended) A method as recited in Claim 11, wherein joining the first node to a second network communication entity includes the step of communicating the private key value of the first node to all other nodes that are in the first network communication entity using messages encrypted using the group shared secret key value.

13. (Currently Amended) A method as recited in Claim 11, wherein creating and storing the group shared secret key value further comprises creating and storing the group shared secret key value based upon how many times each node of the second network communication entity has participated in formation of any such entity and based upon each private number of each node in the second network communication entity.

14. (Currently Amended) A method as recited in Claim 11, further comprising the step of creating and storing a subsequent shared secret key for use by the first network communication entity and the first node to enable the first node to independently compute the group shared secret key value.

15. (Original) A method as recited in Claim 14, wherein creating and storing the subsequent shared secret key comprises creating and storing the subsequent shared secret key, k, according to the relation
  $$k = p^{(a*x)(b*y)(c*z)} \bmod (q)$$
  where p = a random number, q = a prime number, a = the first private key value, b = the second private key value, c = a private key value of the third node, x = a number of times the first node has participated in entity formation, y = a number of times the second node has participated in entity formation, and z = a number of times the third node has participated in entity formation.

16. (Original) A method as recited in Claim 11, further comprising the step of communicating the first public key value of the first node to the first network communication entity by storing the first public key value in a key distribution center.

17. (Original) A method as recited in Claim 11, wherein the step of joining the first node to a second network communication entity further comprises creating and storing a subsequent collective public key based upon the collective public key value and the first public key value of the first node.

18. (Original) A method as recited in Claim 11, wherein the step of joining the first node to a second network communication entity further comprises receiving the collective public key from one of the nodes of the first network communication entity that was the first node to join the first network communication entity.

19. (Original) A method as recited in Claim 11, wherein receiving the collective public key value comprises receiving an initial shared public key "AB" defined according to the relation
  $$AB = k_{ab}^{ab} \bmod (q) = p^{(ab)(ab)} \bmod (q)$$
  wherein k = the initial shared secret key value, a = the first private key value, b = the second private key value, p is a base value, and q is a randomly generated prime number value.

20. (Original) A method for exchanging cryptographic keys, the method comprising the steps of:
  forming a multicast group initially comprising a first node and a second node, the first node generating a first private value, the second node generating a second private value, wherein the initial multicast group exchanges the first private value and the second private value with the second node and the first node, respectively, using a shared secret key, the multicast group generating a common public key; and
  joining the multicast group by a new node, the new node generating a new private value and a corresponding public key, the step of joining includes:
    sending the common public key of the multicast group by a member of the multicast group to the new node;
    tracking a number of times each node in the multicast group participates in the step of joining;
    computing a new shared secret key by the new node based upon the common public key of the multicast group and the new private value;
    publishing the public key of the new node; and
    computing the new shared secret key by each member of the multicast group based upon the public key of the new node, the private values of each member, and the number of times each node in the multicast group participates in the step of joining.

21. (Original) A method as recited in Claim 20, wherein the public values are stored and distributed by a key distribution center.

22. (Original) A method as recited in Claim 20, wherein the step of joining further comprises determining the sending member based upon order of entry into the multicast group.

23. (Original) A method as recited in Claim 20, wherein the step of joining further comprises determining the sending member based upon a predetermined metric.

24. (Currently Amended) A method as recited in Claim 20, wherein the plurality of nodes communicate over a packet switched network[[.]] that supports, in part, Internet Protocol.

25. (Original) A method as recited in Claim 20, wherein the first node, the second node, and the new node are authenticated by a distributed directory.

26. (Currently Amended) A computer-readable medium carrying one or more sequences of one or more instructions for establishing a secure communication session among a first node of a network and one or more other nodes using a group shared secret key, each of the nodes having a private key value associated therewith, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
  communicating a first public key value of the first node to a second node;
  creating and storing an initial shared secret key for the first node and second node based on a first private key value and a second public key value that is received from the second node;
  creating and storing information at the first node that associates the first node with a first network communication entity by generating a collective public key value that is shared by the first node and a second node and based on the first private key value and a second private key value that is derived by the first node from the second public key value;
  receiving a third public key value from a third node that seeks to join the first network communication entity;
  creating and storing a second shared secret key value based on the collective public key value and the third public key value; and
  joining the first node to a second network communication entity that includes the first network communication entity and the third node and that uses secure communication with messages that are encrypted using the second shared secret key value;
  wherein the first node, second node, and third node are separate nodes.

27. (Currently Amended) A multicast communication server for establishing a secure communication session among a first node of a network and one or more other nodes using a group shared secret key, each of the nodes having a private key value associated therewith, comprising:
  means for communicating a first public key value of the first node to a second node;
  means for creating and storing an initial shared secret key for the first node and second node based on a first private key value and a second public key value that is received from the second node;
  means for creating and storing information at the first node that associates the first node with a first network communication entity by generating a collective public key value that is shared by the first node and a second node and based on the first private key value and a second private key value that is derived by the first node from the second public key value;
  means for receiving a third public key value from a third node that seeks to join the first network communication entity;
  means for creating and storing a second shared secret key value based on the collective public key value and the third public key value;
  means for joining the first node to a second network communication entity that includes the first network communication entity and the third node and that uses secure communication with messages that are encrypted using the second shared secret key value;
  wherein the first node, second node, and third node are separate nodes.

28. (Currently Amended) A method as recited in Claim 1, wherein creating and storing [[a]] the second shared secret key value further comprises creating and storing the second shared secret key according to the relation
  $$k_{abc} = (AB)^{c} \bmod (q) = p^{(ab)(ab)c} \bmod (q) = p^{(ab)^{2}c} \bmod (q)$$
  where p = a random number, q = a prime number, a = the first private key value, b = the second private key value, c = a private key value of the third node, AB = the collective public key value.
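
The relations of Claims 10 and 28 can be checked numerically. The following is an added example, not code from the application: the modulus Q, base P, and all function names are assumptions chosen for illustration, and the existing member's computation is derived from the Claim 28 relation using the private values that the claims have group members exchange.

```python
import secrets

Q = 2**127 - 1   # constructed demo prime modulus q (a Mersenne prime); not a vetted DH group
P = 3            # constructed base value p

def public_key(priv, p=P, q=Q):
    """Public key value of a node: p^priv mod q."""
    return pow(p, priv, q)

def initial_shared_secret(own_priv, peer_pub, q=Q):
    """k_ab = peer_pub^own_priv mod q = p^(ab) mod q (two-party Diffie-Hellman)."""
    return pow(peer_pub, own_priv, q)

def collective_public_key(k_ab, a, b, q=Q):
    """Claim 10: AB = k_ab^(ab) mod q = p^((ab)(ab)) mod q.
    Needs both private values, which the claims have members exchange."""
    return pow(k_ab, a * b, q)

def joiner_group_key(collective_pub, c, q=Q):
    """Claim 28, joining node's side: k_abc = (AB)^c mod q."""
    return pow(collective_pub, c, q)

def member_group_key(joiner_pub, a, b, q=Q):
    """Existing member's side: C^((ab)(ab)) mod q = p^((ab)(ab)c) mod q."""
    return pow(joiner_pub, (a * b) ** 2, q)

def run_join(a, b, c):
    """Two-node formation followed by a third-node join; returns derived values."""
    A, B, C = public_key(a), public_key(b), public_key(c)
    k_ab_first = initial_shared_secret(a, B)    # computed at the first node
    k_ab_second = initial_shared_secret(b, A)   # computed at the second node
    AB = collective_public_key(k_ab_first, a, b)
    return {
        "k_ab_match": k_ab_first == k_ab_second,
        "AB": AB,
        "k_joiner": joiner_group_key(AB, c),
        "k_member": member_group_key(C, a, b),
    }

if __name__ == "__main__":
    # Random private values in [2, Q-2] for a stand-alone run.
    a, b, c = (secrets.randbelow(Q - 3) + 2 for _ in range(3))
    r = run_join(a, b, c)
    print("pairwise secret agrees:", r["k_ab_match"])
    print("group key agrees:      ", r["k_joiner"] == r["k_member"])
```

Only AB and the third node's public key value cross the network in this walk-through; both sides arrive at the same k_abc without transmitting it.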